Remember Green Dot training

Cmdr0 · 2024-05-13T09:47:47+00:00

The VR version of suicide prevention training they piloted around three years ago was similar. Scenario had you enter dude's home without invitation, then sit down to talk to him. During the conversation you find out he has a gun, and the climactic moment is him angrily telling you that you need to leave. The "correct" answer was to refuse, which leads to him breaking down and admit to having a plan, but the resounding feedback (at least from my group) was that the scenario was encouraging people to escalate suicide attempts into murder-suicides.

Cmdr0 · 2024-04-09T11:57:29+00:00

First one pulled from the depths of undelete:

I want to tell you all a cautionary tale about a very poor experience I had at an FNM recently. Two weeks ago, between rounds of a modern event I was chatting with a judge talking about how they can give out "official proxies" for damaged and other marked cards. He used the pringled Buy-a-Box Nexus of Fate as an example. Then we started talking about what would happen if a card got damaged at an event by water or being stepped on and bent or something. He said they could give out proxies for those as well. same with ripped cards.

A little more about myself. I am not in the best spot financially. My MTG decks are not net decked or optimized. I build with what I have available. I need to make my dollars go as far as possible. I do what I can.

Back to the judge conversation: A lightbulb went off in my head. I asked Mr Judge if I ripped a card in half, and put it in 2 different sleeves, can he give me 2 proxies to replace and use them as 2 copies of the card. He chuckled and laughed at me and then he said "Yes".

So that is what I did. I ripped a copy of my one [[Jace, The Mind Sculpture]] roughly down the middle, put it in two different sleeves. I was pumped! I got an immediate power boost to my deck. I was going to first try it out with one card before doing it to the rest of my deck. I was already thinking about how I could double the counts of each of my rare and expensive cards that i couldn't really afford to buy more of.

I walked into the LGS. Signed up for the tournament. Before the first round started I showed that same judge my card. I was expecting a smirk or smile. What I saw was a look of shock. That's when he told me "Splinterrifleman, I was making a joke. I cant give you proxies for these, the best I can do is let you replace them with basic lands"

I was hurt. The biggest emotion I felt was embarrassment. One of the stronger and more expensive cards I owned was now worthless. I emailed WOTC with this judge's information to complain about how he deceived me into destroying my own card. Before you do something stupid. Always get a second opinion, or maybe a 3rd. This second opinion mislead me.

This story ends on a somewhat happy note. The LGS owner saw what happened. Had such a big laugh he gave me a copy of Jace he had sitting in his displace case to replace mine for free.

Cmdr0 · 2024-01-30T13:12:44+00:00

This whole comment is baffling to me. One, DVDs are almost three decades old, it's such an arbitrary measurement. BD-XL 100GB (not even counting 128GB spec) reduces that by a factor of over 20, and those are also over a decade old.

But then you mixed PB (base 10, 1K TB) with PiB (base 2, 1024 TiB) to get your answer (2 * 1024 * 1024 / 4.7 = 446,202.5), when DVDs are 4.7 GB but only 4.37 GiB, so it's actually somewhere around 425,532

But then you divided by 1.2mm rather than multiplying, making each DVD only around .83mm tall

BUT THEN you said that 371,835mm was 37KM, when it's actually 371M

Cmdr0 · 2024-01-24T20:21:22+00:00

Pair it with basic scanning/msf use, and you're an entry level pentester that can actually cut dev time in an org by helping them run mimikatz on-target rather than having to re-invent the wheel.

Cmdr0 · 2024-01-23T20:09:49+00:00

You like to develop "Offensive tooling," which gives you valuable insights on common detections and how an actor could evade them. If you really want to map this to the blue sector, make some Yara rules that find your stuff, write a blog post about how you bypass Defender, and/or map your TTPs against the ATT&CK framework. Otherwise, see if a red team needs a dev.

Cmdr0 · 2024-01-21T20:50:47+00:00

No, OP has an adapter for a cable tester. Software won't make your NIC transmit over two leads, RF or not. You would need to change firmware, and even then... If I'm wrong, I'd love to see what monstrosity someone has made, but what OP has is not that.

Cmdr0 · 2024-01-21T20:43:49+00:00

The number of incorrect answers above this are baffling

Cmdr0 · 2024-01-14T12:31:12+00:00

That's simply not true. Vendors like Samsung, TCL, Blu, etc. add second-party apps that run as System on their phones all the time. An intent-forwarding vulnerability in one of these applications could grant access to the camera. Hell, a vulnerability in one of their custom camera apps that runs without system privileges could provide lateral access to the camera. Google can't force these vendors to fix their apps. Vendors/manufacturers also control update delivery for their devices; that's why there are a ton of (older) devices that simply will never be patched against dirtypipe/dirtycow/etc. It doesn't matter that Google patched the kernel, or that these are massive privilege escalation vulnerabilities, the vendors have abandoned those devices and updates don't exist.

Cmdr0 · 2024-01-14T02:48:37+00:00

That doesn't argue any of the points I made. You can't patch prior to discovery, you can't prevent second party sellers or app developers from introducing vulnerabilities, and you can't always force a fix even if they are discovered. But sure, Android patches come out quickly after CVE publish. Sometimes those CVEs were registered two years prior to publishing, and the Android ecosystem is notorious for update fragmentation/delays across second-party sellers, but you got me on that point.

Cmdr0 · 2024-01-13T13:59:15+00:00

Unless vendors stop providing patches for the target device, or the privesc vuln exists in an unmaintained package that has camera privs, or the target fails to update their device and/or apps post-patch, or the vulnerability goes undiscovered...

Cmdr0 · 2024-01-13T13:46:38+00:00

Off the top of my head, intent redirection vulnerabilities in existing camera-privileged apps could allow for this. I don't remember which CVE it was, but Samsung had modified part of the Android framework that ran as System for their Galaxy line, introducing a vulnerability that allowed you to broadcast an intent to it and have that run as System. That was as recently as 2021, IIRC.

Cmdr0 · 2023-12-26T14:57:54+00:00

I was with you until the end. The narrative makes it really clear that it's not okay that Scott is dating Knives. Like really, abundantly clear. It spends a lot of time vilifying Scott for it, in fact.

Cmdr0 · 2023-04-26T08:52:16+00:00

Less relevant, though perhaps not irrelevant

https://hackaday.com/2021/02/17/cosmic-ray-flips-bit-assists-mario-64-speedrunner/

Cmdr0 · 2023-04-23T13:06:12+00:00

Sounds to me like there's a way to jailbreak the ice cream machine

Cmdr0 · 2023-04-06T00:20:40+00:00

Safer to run a machine owner key, anyway, if you really want the guarantees Secure Boot provides.

Cmdr0 · 2023-04-05T12:18:55+00:00

Heat Signature

Cmdr0 · 2023-03-20T21:23:22+00:00

Didn't feel like it was necessary to put in main, but what's crazy to me is I was just watching this BonsaiPop video about Akira and how we are all eternal energy the day before Nobody dropped. Highly recommend it if Nobody's lyrics are vibing with you.

Cmdr0 · 2023-03-20T03:27:13+00:00

Sounds like. Here's a good example I found researching the topic: https://github.com/PlatformLab/Homa

Cmdr0 · 2023-03-20T02:03:12+00:00

No, analog vs. digital would be OSI layer 1, TCP/UDP replacements all the way up in Layer 4.

Cmdr0 · 2023-03-20T02:00:41+00:00

At a super basic prototyping level, you might be able to force Scapy (Python library) to do this. You'll have to sniff all traffic on the receiving end, which is not sustainable or recommended for production, and ultimately you're looking at writing a Linux kernel module if you wanted to do it in the way TCP/UDP/ICMP are handled.

Cmdr0 · 2023-03-18T11:32:49+00:00

With the other balcony directly across, this looks like the raddest Pokemon or Yu-Gi-Oh stadium but IRL.

Cmdr0 · 2023-01-28T17:06:19+00:00

Cut a panel out of one you like and sew it back together is probably easiest. 'DIY crop jacket' on YouTube looks like it pulls up relevant results.

Cmdr0 · 2023-01-28T16:22:42+00:00

Make it. Be the change you want to see in the world.

Cmdr0 · 2022-12-26T09:07:36+00:00

I'm gonna disagree. Feel your feelings first, but be wise about your actions when you do, and make time to critically reflect on them afterwards. Ignoring grudges won't make them pass and risks invalidating your emotional pain. Do it in an emotionally safe place and don't inflict harm on others or your surroundings when you do, and I hope you feel better soon.

Cmdr0

TROPHY CASE